
Yet another Gaping Microsoft Security Flaw.

Ummmmmmmmm, what is the big deal over this security hole???? I could just as easily walk up to your computer and take your damn files. It would take a good amount of inside info to steal files using this method. I think personally you would have a better chance at infecting someone with a virus to steal their files.........

 
Originally posted by: Codewiz
Ummmmmmmmm, what is the big deal over this security hole???? I could just as easily walk up to your computer and take your damn files. It would take a good amount of inside info to steal files using this method. I think personally you would have a better chance at infecting someone with a virus to steal their files.........

Hopefully most offices have good physical security and walking in without permission would be a pain. Not to mention you would either have to remove the machine, hard drive from the machine, or know the user's passwords to get access to whatever it is you want.
 
Ummmmmmmmm, what is the big deal over this security hole???? I could just as easily walk up to your computer and take your damn files. It would take a good amount of inside info to steal files using this method. I think personally you would have a better chance at infecting someone with a virus to steal their files.........

So, the first doc has VBS code that does the equiv of 'dir /s' on all their drives, everyone just clicks yes to the scripting warnings anyway. Then the second one steals the files he wants. What's so hard about that?
 
A GNU/Linux worm exploiting a bug in OpenSSL spreads through vulnerable Apache web servers, according to Symantec. The worm, which was first reported in Europe, targets several popular Linux distributions. See also the SecurityFocus vulnerability listing for the OpenSSL bug." sionide also writes: "Netcraft recently published a report which explains that a large portion of Apache systems are still unpatched (halfway down). To protect yourself please upgrade to OpenSSL 0.9.6g."

OMG DROP LINUX/APACHE/SSL NOW.....IT HAS HUGE GAPING SECURITY HOLES.

My point is the fact that every OS and/or product is going to have security holes.

As a matter of fact most companies are NOT strict about who walks in their building. There was a story about a year ago from a magazine where a person walked in to a company and acted like he worked there. It took the company two weeks to figure out he didn't work there. Everyone assumed he was just a new employee.

Have you ever been into MOST environments? I had to HASSLE people to not write their password down on a piece of paper on their desk. These are the same stupid people that would click yes to a VBS. So the people that would have their DOCs stolen via a VBS are the same ones I could walk up and steal their documents.

Anyone that has documents that are private should exercise their own caution when opening other people's documents. I never CLICK ok unless I know what is happening.

Stupid users are the problem......

EDIT: I also think that MS has more than their fair share of security holes BUT they also have a lot of products. Name one company that produces this much code and has fewer security holes? I just think that everyone is quick to jump on MS about their security holes and not a mention of security holes that are found in other products. I just feel if you are going to jump on MS then jump on other products too. I also think it is sh*tty that MS is not going to fix this problem on Word 97.
 
OMG DROP LINUX/APACHE/SSL NOW.....IT HAS HUGE GAPING SECURITY HOLES.

The difference is MS is saying they probably won't fix Word 97, which is still in widespread use and is the most vulnerable.

I just think that everyone is quick to jump on MS about their security holes and not a mention of security holes that are found in other products. I just feel if you are going to jump on MS then jump on other products too.

Sure everyone's quick to jump on MS about their problems, whether we like it or not they're leading the pack in software development and the example they're giving isn't a very good one. Look at IIS for the most obvious candidate, week after week of the same type of problems, you'd think after the first one or two buffer overflows they'd audit the code and look for more unchecked buffers but they don't.
 
Yeah, I am happy to make a big deal out of MS not fixing Word 97 because that is just BS. Shame on MS.

IIS isn't leading the pack on web servers. Apache is 🙂 So that isn't very valid.

I have never been affected by any security problems with MS products and I hope I never am. I just think some things get blown out of proportion but sometimes the security issues are big deals especially when MS doesn't offer a fix in a timely manner.
 
Originally posted by: Codewiz
Yeah, I am happy to make a big deal out of MS not fixing Word 97 because that is just BS. Shame on MS.

IIS isn't leading the pack on web servers. Apache is 🙂 So that isn't very valid.

I have never been affected by any security problems with MS products and I hope I never am. I just think some things get blown out of proportion but sometimes the security issues are big deals especially when MS doesn't offer a fix in a timely manner.

The bold (that I added) is the exact reason I don't use internet explorer.
 
Originally posted by: Codewiz
A GNU/Linux worm exploiting a bug in OpenSSL spreads through vulnerable Apache web servers, according to Symantec. The worm, which was first reported in Europe, targets several popular Linux distributions. See also the SecurityFocus vulnerability listing for the OpenSSL bug." sionide also writes: "Netcraft recently published a report which explains that a large portion of Apache systems are still unpatched (halfway down). To protect yourself please upgrade to OpenSSL 0.9.6g."

OMG DROP LINUX/APACHE/SSL NOW.....IT HAS HUGE GAPING SECURITY HOLES.

My point is the fact that every OS and/or product is going to have security holes.

Yes, but while MS is still debating whether they will fix it, the Apache/SSL bug has been fixed for some time. Any current problems are due to poor system administration.

As a matter of fact most companies are NOT strict about who walks in their building. There was a story about a year ago from a magazine where a person walked in to a company and acted like he worked there. It took the company two weeks to figure out he didn't work there. Everyone assumed he was just a new employee.

Wouldn't happen here. You don't get in without a badge, and they occasionally turn on the retinal scanners.

Have you ever been into MOST environments? I had to HASSLE people to not write their password down on a piece of paper on their desk. These are the same stupid people that would click yes to a VBS. So the people that would have their DOCs stolen via a VBS are the same ones I could walk up and steal their documents.

Anyone that has documents that are private should exercise their own caution when opening other people's documents. I never CLICK ok unless I know what is happening.

Prior to this warning, did you even consider that editing somebody else's Word document was a security risk?
I mean really. Microsoft has opened up whole frontiers of computer security that shouldn't even exist. Why should it even be remotely possible for somebody to use a word processor to steal files in this manner? Why should simply viewing an e-mail message expose you to viruses?

Stupid users are the problem....

Collaboration on electronic documents is a vital activity in many businesses. How is this stupid?

 
Prior to this warning, did you even consider that editing somebody else's Word document was a security risk?

HELL FVCKING YES I HAVE. Ever heard of a macro virus?????? I would have NEVER run a VBS in a word document until I verified the intent of it. You are just stupid if you do. I would bet that you are the same person that would just open an attachment from a person in email because you know them. It is called caution.

Like I have said. The bug alone cannot hurt you. It takes other factors to be effective. The other factors take stupidity to be part of the equation.

Wouldn't happen here. You don't get in without a badge, and they occasionally turn on the retinal scanners.

UMMMMM most companies are not like this.


On another note I think Sircam was a bigger problem than this. I have had tons of idiots have their private documents spread by this dumb virus because the idiots did NOT keep their virus definitions up to date. Thank god we finally went to managed virus definitions.
 
Originally posted by: Codewiz
Prior to this warning, did you even consider that editing somebody else's Word document was a security risk?

HELL FVCKING YES I HAVE. Ever heard of a macro virus?????? I would have NEVER run a VBS in a word document until I verified the intent of it. You are just stupid if you do. I would bet that you are the same person that would just open an attachment from a person in email because you know them. It is called caution.

Yea, good point. Which is why disabling macros is one of the first things I do in an office install. I have no use for macros in a Word document.
This exploit doesn't use macros though. No sign at all unless you turn on codes or carefully watch file sizes.

Like I have said. The bug alone cannot hurt you. It takes other factors to be effective. The other factors take stupidity to be part of the equation.

Electronic document collaboration is such a widespread & critical activity that I have a hard time considering it to be "stupid". But I'll be returning all documents as ASCII or rtf from now until there is a sane, widely supported format available.

Wouldn't happen here. You don't get in without a badge, and they occasionally turn on the retinal scanners.

UMMMMM most companies are not like this.

And thank god for that. It's a real PITA.

 
Originally posted by: Codewiz
Stupid users are the problem......

EDIT: I also think that MS has more than their fair share of security holes BUT they also have a lot of products. Name one company that produces this much code and has fewer security holes? I just think that everyone is quick to jump on MS about their security holes and not a mention of security holes that are found in other products. I just feel if you are going to jump on MS then jump on other products too. I also think it is sh*tty that MS is not going to fix this problem on Word 97.

In case you were a bit slow to notice, these "security flaws" seem to be ENDEMIC to ALL MS SOFTWARE. Other software has bugs, sure, including security bugs, but at least they are designed with some security in mind.

It's basically the difference between a cold being transmitted between a few people, and the plague sweeping through your neighborhood and killing everyone.

Or maybe more accurately, eating at a certain local restaurant, that is known to be relatively clean, but occasionally something slips through, and someone who eats there gets sick, versus eating at a place where they don't ever even clean the grill, much less the silverware. Sure, the place is cheap, and has lots of neon signs pointing to that place... but if everyone gets sick... why do people keep eating there???

Yeah, that is a good analogy for MS software... if people keep getting their systems cracked/hacked/broken into, why the heck do they still use MS software? Sure, MS should be responsible for the security of their software - even if they aren't taking responsibility for it - but at some point, the owners of each individual system, should be responsible for their own data, and to knowingly continue to use MS software, and to continuously put their data at risk because of that poor administrative decision ... personally, I see A LOT of shareholder lawsuits, among others, in the future, after the next huge thing to exploit security holes in MS software comes out. As it is, many places are afraid to use IIS anymore, and I don't blame them. Would you hire a security company, to protect your property at night, if you knew that out of places that had hired that company in the past, over fifty percent of them had been broken into? And if you worked for a company, and were responsible for the eventual outcome of that decision to hire that security company?

Microsoft. Just say No.
 